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This action is in response to the communication filed on 10/8/2008. 
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DETAILED ACTION 
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Response to Arguments 



4 



Applicant's arguments filed 10/8/2008, regarding claims 1 and 33, have been fully 



5 



considered but they are not persuasive. 



6 



The applicant argues that neither Burch nor Brovick teach or suggest that the event 



7 notification is at least one of the following: a session event; a logon event; a logout event; a lock 

8 event; an unlock event; a timer event; or a policy application event. The examiner does not find 

9 the argument persuasive. The examiner has previously pointed to paragraph 0046 of Burch, 

10 which clearly shows that according to a synchronization policy, upon a change to the principal 

1 1 credential store, the enterprise credential store is automatically updated. This falls within the 

12 scope of "a policy application event". Therefore, the examiner does not find the argument 

13 persuasive. 

14 Applicant's arguments with respect to claim 17 have been considered but is not 

15 persuasive. The newly claimed limitations have been addressed in the rejection below. 

16 Regarding the applicant's request for an interview, if the applicant's representative feels 

17 an interview would further the prosecution of the application, the applicant's representative is 

1 8 more than welcome to submit an interview request form via fax to the examiner's direct fax line 

19 at 571-273-3790 and to contact the examiner at 571-272-3790 to discuss a date and time for an 

20 interview. 

2 1 All objections and rejections not set forth below have been withdrawn. 
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1 Claims 1-27, 29, 31-33, and 35-44 have been examined. 

2 Information Disclosure Statement 

3 The information disclosure statement(s) (IDS) submitted on 10/8/2008 are in compliance 

4 with the provisions of 37 CFR 1 .97. Accordingly, the examiner is considering the information 

5 disclosure statements. 

6 Claim Objections 

7 Claims 18-19 are objected to because of the following informalities: These claims recite 

8 "the computer program product of claim 17" which is not consistent with claim 17 which recites 

9 "a computer readable storage media". Appropriate correction is required. 
10 

1 1 Claim Rejections - 35 USC § 103 

12 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

13 obviousness rejections set forth in this Office action: 

14 A patent may not be obtained though the invention is not identically disclosed or 

15 described as set forth in section 102 of this title, if the differences between the subject matter 

16 sought to be patented and the prior art are such that the subject matter as a whole would have 

17 been obvious at the time the invention was made to a person having ordinary skill in the art to 

1 8 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

19 the invention was made. 
20 

21 Claims 1-2, 4-18, 20-27, 29, 31-33, and 35-44 are rejected under 35 U.S.C. 103(a) as 

22 being unpatentable over Burch et al. (US Patent Application Publication 2005/0171872) 

23 hereinafter referred to as Burch, and further in view of Brovick et al. ("WINDOWS® 2000 

24 Active Directory™") hereinafter referred to as Brovick. 
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1 Regarding claim 1, Burch disclosed a method comprising: receiving an event notification 

2 (See Burch Paragraph 0043), wherein the event notification is at least one of the following: a 

3 session event, a logon event, a logout event, a lock event, an unlock event, a timer event, a policy 

4 application event, and a credential update event (See Burch Paragraph 0046); and synchronizing 

5 the local credentials and remote credentials (See Burch Paragraph 0043-0044), but Burch failed 

6 to specifically disclose enumerating local credentials and remote credentials in response to the 

7 event notification. Burch did, however, disclose that the credential stores are directories (See 

8 Burch Paragraph 0022). 

9 Brovick teaches that Active Directory is a directory service, which provided replication 

10 of data between devices, as well as synchronization of the data between the devices in an Active 

1 1 Directory (See Brovick First Paragraph), and that in order to maintain synchronization between 

12 each copy of the directory, each update to a directory is provided with a USN which is compared 

13 with USNs in other devices to determine which updates need to be replicated (See Brovick 

14 "Keeping Track"). 

15 It would have been obvious to the ordinary person skilled in the art at the time of 

1 6 invention to employ the teachings of Brovick in the credential store system of Burch by utilizing 

17 Active Directory to provided the directory service and the synchronization between the 

18 credential stores. This would have been obvious because the ordinary person skilled in the art at 

19 the time of invention would have been motivated to provide quick and efficient directory 

20 services across the distributed credential store. 

21 Regarding claim 17, Burch disclosed a method comprising: receiving an event 

22 notification (See Burch Paragraph 0043), wherein the event notification is at least one of the 
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1 following: a session event, a logon event, a logout event, a lock event, an unlock event, a timer 

2 event, a policy application event, and a credential update event (See Burch Paragraph 0046); and 

3 synchronizing the local credentials and remote credentials (See Burch Paragraph 0043-0044), but 

4 Burch failed to specifically disclose enumerating local credentials and remote credentials in 

5 response to the event notification. Burch did, however, disclose that the credential stores are 

6 directories (See Burch Paragraph 0022). Burch further failed to disclose a synchronization 

7 module which: sorts the local credentials and the remote credentials into a local credential array 

8 and a remote credential array respectively and linearly compares the local credential array and 

9 the remote credential array; and stores a state file for conflict resolution, the state file 

10 comprising: a file version; a flag, wherein the flag indicates whether the credential is user 

1 1 protected (but Burch did disclose that some credentials are user protected in Paragraph 0055); 

12 and a credential state, wherein the credential state comprises: last time synchronization module 

13 called; last time local store changed; and last time remote cache changed. 

14 Brovick teaches that Active Directory is a directory service, which provided replication 

15 of data between devices, as well as synchronization of the data between the devices in an Active 

16 Directory (See Brovick First Paragraph), and that in order to maintain synchronization between 

17 each copy of the directory, each update to a directory is provided with a USN which is compared 

18 with USNs in other devices to determine which updates need to be replicated (See Brovick 

19 "Keeping Track"). Brovick further teaches keeping track of timestamps of when the local and 

20 remote (replicated) data was updated (See Brovick "Conflict Resolution"), and when 

21 synchronization was last performed (See Brovick "Intra-Site Replication"). 
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1 Further, it was well known in the art at the time of invention to sort data into arrays for 

2 linear comparison in order to ease the complexity of the comparison, as well as to use flags to 

3 track Boolean properties. 

4 It would have been obvious to the ordinary person skilled in the art at the time of 

5 invention to employ the teachings of Brovick in the credential store system of Burch by utilizing 

6 Active Directory to provided the directory service and the synchronization between the 

7 credential stores. This would have been obvious because the ordinary person skilled in the art at 

8 the time of invention would have been motivated to provide quick and efficient directory 

9 services across the distributed credential store. It further would have been obvious to the 

10 ordinary person skilled in the art at the time of invention to have sorted the local and remote 

1 1 credentials into a local and remote credential array, and then linearly comparing the arrays to 

12 determine conflicts which need to be resolved. This would have been obvious because ordinary 

13 person skilled in the art at the time of invention would have been motivated to ease the 

14 complexity of the comparison for determining conflicts between the servers. In this 

15 combination, the USN reads on the claimed version number. Further still, it would have been 

16 obvious to the ordinary person skilled in the art at the time of invention to have stored a flag for 

17 each entry in the credential store to track whether the entry was personal (user protected) or not. 

1 8 This would have been obvious because the ordinary person skilled in the art would have been 

19 motivated to utilize a well known method for tracking Boolean properties to track the Boolean 

20 property of personal entry or not. 
21 
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1 Regarding claim 33, Burch disclosed a system comprising: an event handler to 

2 receive event notifications (See Burch Paragraph 0043-0044), wherein the event notification is at 

3 least one of the following: a session event, a logon event, a logout event, a lock event, an unlock 

4 event, a timer event, a policy application event, and a credential update event (See Burch 

5 Paragraph 0046); and a synchronizing module operatively associated with the event handler to 

6 synchronize local credentials and remote credentials if the local and remote credentials are 

7 different from one another (See Burch Paragraph 0043-0044), but Burch failed to specifically 

8 disclose that the synchronization occurred when the event handler receives the event notification. 

9 Burch did, however, disclose that the credential stores are directories (See Burch Paragraph 

10 0022). 

1 1 Brovick teaches that Active Directory is a directory service, which provided replication 

12 of data between devices, as well as synchronization of the data between the devices in an Active 

13 Directory (See Brovick First Paragraph), and that in order to maintain synchronization between 

14 each copy of the directory, each update to a directory is provided with a USN which is compared 

15 with USNs in other devices to determine which updates need to be replicated (See Brovick 

16 "Keeping Track"), and that the synchronization between the devices occurred upon an event 

17 notification (See Brovick "Keeping Track"). 

18 It would have been obvious to the ordinary person skilled in the art at the time of 

1 9 invention to employ the teachings of Brovick in the credential store system of Burch by utilizing 

20 Active Directory to provided the directory service and the synchronization between the 

21 credential stores. This would have been obvious because the ordinary person skilled in the art at 
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1 the time of invention would have been motivated to provide quick and efficient directory 

2 services across the distributed credential store. 

3 Regarding claims 2 and 18, Burch and Brovick taught that synchronizing the local 

4 credentials and the remote credentials is based on at least one time-stamp associated with the 

5 local credentials and at least one time-stamp associated with the remote credentials (See Brovick 

6 Conflict Resolution). 

7 Regarding claims 4 and 3 1 , while Burch and Brovick did not specifically teach that the 

8 synchronizing included error handling, it was well known in the art of data transmission to 

9 include error handling, and therefore would have been obvious to the ordinary person skilled in 

10 the art at the time of invention to have done so. 

1 1 Regarding claims 5 and 20, Burch and Brovick taught writing at least one of the local 

12 credentials to a remote credential cache (See Burch Paragraph 0056). 

13 Regarding claims 6 and 21, Burch and Brovick taught writing at least one of the remote 

14 credentials to a local credential cache (See Burch Paragraph 0053). 

15 Regarding claims 7-8 and 22-23, while Burch and Brovick taught that changes in local 

16 credentials are duplicated in the remote credential store, and vice versa, they failed to specifically 

17 disclose deleting remote credentials. However, addition and deletion of credentials in a 

1 8 credential store is well known, and would have been obvious to the ordinary person skilled in the 

19 art at the time of invention. This would have been obvious because the ordinary person skilled in 

20 the art would have been motivated to have allowed flexibility in the authorizations granted 

2 1 within the system by allowing authorizations to be granted and taken away. 
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1 Regarding claims 9 and 24, Burch and Brovick taught modifying at least one of the local 

2 credentials at a local credential cache based on at least one of the remote credentials (See Burch 

3 Paragraph 0053). 

4 Regarding claims 10 and 25, Burch and Brovick taught modifying at least one of the 

5 remote credentials at a remote credential cache based on at least one of the local credentials See 

6 Burch Paragraph 0056). 

7 Regarding claims 1 1 and 26, Burch and Brovick taught updating a list of local credentials 

8 (See Brovick "Keeping Track"). 

9 Regarding claims 12 and 27, Burch and Brovick taught updating a list of remote 

10 credentials (See Brovick "Keeping Track"). 

1 1 Regarding claims 13, and 29, Burch and Brovick taught determining a state of the remote 

12 credentials dynamically (See Brovick "Intra-Site Replication" and "Inter-Site Replication"). 

13 Regarding claim 14, Burch and Brovick taught maintaining a state file for the remote 

14 credentials (See Brovick "Keeping Track"). 

15 Regarding claim 15, Burch and Brovick taught maintaining a state file for the local 

16 credentials (See Brovick "Keeping Track"). 

17 Regarding claims 16 and 32, Burch and Brovick taught resolving a conflict of state 

18 between the local credentials and the remote credentials (See Burch Paragraph 0044 and Brovick 

19 "Conflict Resolution"). 

20 Regarding claim 35, Burch and Brovick taught that the credentials include at least one of 

21 the following: an encryption credential, a token, an asymmetric key pair, a symmetric key, a 
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1 digital certificate, an XrML license, an authentication credential, an authorization credential (See 

2 Burch Paragraphs 0022-0024). 

3 Regarding claim 36, Burch and Brovick taught that a local store manager to enumerate 

4 the local credentials for the synchronizing module (See Brovick "Keeping Track"). 

5 Regarding claim 37, Burch and Brovick taught that a remote store manager to enumerate 

6 the remote credentials for the synchronizing module (See Brovick "Keeping Track"). 

7 Regarding claim 38, Burch and Brovick taught that the local credentials are stored in a 

8 local cache (See Burch Paragraph 0053). 

9 Regarding claim 39, Burch and Brovick taught that the local credentials are stored in a 

10 local cache provided at any number (n) of clients (See Burch Paragraph 0053). 

1 1 Regarding claim 40, Burch and Brovick taught that the local credentials are encrypted 

12 using a master key (See Burch Paragraph 0025). 

13 Regarding claim 41, Burch and Brovick taught that the remote credentials are stored in a 

14 remote cache (See Burch Paragraph 0056). 

15 Regarding claim 42, Burch and Brovick taught that the local credentials are stored in a 

1 6 remote cache provided at any number (n) of hosts (see Burch Paragraph 0056). 

17 Regarding claim 43, Burch and Brovick taught that the remote credentials are maintained 

18 by a remote directory service (See Burch Paragraphs 0022 and 0056). 

19 Regarding claim 44, Burch and Brovick taught that the remote credentials are encrypted 

20 (See Burch Paragraph 0025). 

21 Claims 3 and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over the 

22 combination of Burch and Brovick as applied to claims 1 and 17 above, and further in view of 
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1 Yianilos et al. (US Patent Application Publication 2002/0029214) hereinafter referred to as 

2 Yianilos. 

3 Burch and Brovick disclosed detection of changes between local and remote credentials, 

4 but failed to disclose that the synchronizing was based on a comparison of hash values. 

5 Yianilos teaches an alternative method for detecting differences between entries in a 

6 synchronization system which involves generating a hash for the local data and a hash for the 

7 remote data, and comparing the hashes, wherein if the hashes are different then a change has 

8 been detected and synchronization is required (See Yianilos Paragraphs 0083 - 0084). 

9 It would have been obvious to the ordinary person skilled in the art at the time of 



10 invention to employ the teachings of Yianilos in the synchronization system of Burch and 

1 1 Brovick by detecting changes by comparing hashes of the local and remote credential stores. 

12 This would have been obvious because the ordinary person skilled in the art would have been 

13 motivated to minimize the network traffic generated by the synchronization. 



14 Conclusion 

15 Claims 1-27, 29, 31-33, and 35-44 have been rejected. 

16 The prior art made of record and not relied upon is considered pertinent to applicant's 

17 disclosure. 

18 THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 

1 9 policy as set forth in 37 CFR 1 . 1 36(a). 

20 A shortened statutory period for reply to this final action is set to expire THREE 

21 MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 

22 MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
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1 the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 

2 will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

3 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 

4 however, will the statutory period for reply expire later than SIX MONTHS from the mailing 

5 date of this final action. 



6 Any inquiry concerning this communication or earlier communications from the 

7 examiner should be directed to MATTHEW T. HENNING whose telephone number is 

8 (571)272-3790. The examiner can normally be reached on M-F 8-4. 

9 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

10 supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 

1 1 organization where this application or proceeding is assigned is 571-273-8300. 

12 Information regarding the status of an application may be obtained from the Patent 



13 Application Information Retrieval (PAIR) system. Status information for published applications 

14 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

15 applications is available through Private PAIR only. For more information about the PAIR 

16 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

1 7 system, contact the Electronic Business Center (EBC) at 866-2 1 7-9 1 97 (toll-free). If you would 

18 like assistance from a USPTO Customer Service Representative or access to the automated 

19 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

20 /Matthew T Henning/ 

2 1 Examiner, Art Unit 243 1 
22 
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